import config from 'config';
import expressJwt from 'express-jwt';

export default function (app: any) {
  app.use(expressJwt({
    secret: config.get('security.key'),
    credentialsRequired: false,
    getToken(req: any) {
      if (req.headers.authorization && req.headers.authorization.split(' ')[0] === 'Bearer') {
        return req.headers.authorization.split(' ')[1];
      }
      if (req.query && req.query.id_token) {
        return req.query.id_token;
      }
      if (req.session && req.session.id_token) {
        return req.session.id_token;
      }
      return null;
    },
  }));
}
